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DETAILED ACTION 

A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
1 1/25/2005 has been entered. 

Claims 24, 26-36, and 51-70 are pending. 

Response to Amendment 
Applicant's amendments filed on 11/25/2005 have been considered. 

Response to Arguments 
Applicant's arguments have been considered, but are moot in view of new 
grounds of rejections presented below. 

Claim Objections 
Claim 61 is objected to because of the following informalities: 

1 . In claim 61 , line 25, the examiner believes applicant meant to recite "the proxy 
server". 

2. Appropriate correction is required. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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Claims 24, 26-36, 60, 51-59, and 68 are rejected under 35 U.S.C. 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which applicant regards as the invention. 

1 . In claim 24, line 8 recites "the web browser" which lacks antecedent basis. The 
examiner believes applicant meant, "the at least one web browser". 

2. In claim 24, line 20, "the content" is recited. It is unclear to which content 
applicant is referring. The examiner believes applicant meant to recite "the 
requested content". 

3. In line 20 of claim 24, the examiner believes applicant meant to recite "the at 
least one SRP...." 

4. In lines 22 and 23 of claim 24, applicant recites "the content" and "said content". 
It is unclear if applicant meant for "the content" and "said content" to refer to the 
same content, i.e. the requested content in line 20. Assuming that applicant 
meant for them to refer to the same content, the examiner respectfully asks 
applicant to be consistent with the use of "said" and "the" when referring to the 
same item. In both lines, the examiner believes applicant meant "the requested 
content." ' 

5. In claim 24, lines 22-24, the examiner believes applicant meant to recite: 
"encrypting the requested content using the first secure session protocol for 
sending, using the first secure session, to the at least one web browser from the 
at least one SRP in response to the encrypted request for content from the at 
least one web browser". Note this would fix the lack of antecedent basis for "the 
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first session" in line 23 and clarify to which encrypted request for content is being 
referred. 

6. In claim 24, line 25, it is unclear what does the determining. The examiner 
believes applicant meant to recite "determining at the at least one SRP if the 
requested content is a static content". This language would be similar to what is 
recited in claim 61. 

7. In claim 24, line 30, the examiner believes applicant meant to recite "decrypting 
the encrypted static content...." 

8. Claim 51, line 6 recites "the SRP" which lacks antecedent basis. Applicant may 
have meant "the SRP appliance". 

9. In claim 51, "the content" is recited in the last two lines, which lacks antecedent 
basis. The examiner believes applicant meant "the static content". 

10. In claim 53, the examiner assumes applicant meant to recite "the secure local 
cache" instead of "the local cache" which lacks antecedent basis. 

1 1 . In claim 61 , line 45, the examiner believes applicant meant to recite "decrypting 
the encrypted static content...." 

12. In claim 68, the examiner believes applicant meant to recite "said caching the 
secure static content...." 

13. Any claims not specifically addressed are rejected by virtue of dependency. 



Claim Rejections - 35 USC § 103 
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The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 51-58 are rejected under 35 U.S.C. 103(a) as being unpatentable over 

Bellwood et al (US 6,584,567) in view of Maruyama et al (US 2002/0015497) and 

further in view of Challenger et al (US 6,216,212). 

Claim 51: 

Bellwood implicitly discloses a processing mechanism (col 2, lines 57-63 and col 
7, lines 49-57). Bellwood discloses the proxy/SRP processing, therefore discloses a 
processing mechanism. 

Bellwood discloses an encryption and decryption mechanism, i.e. maser secret 
(col 2, lines 10-12). 

Bellwood discloses storing content in a secure local cache for future requests for 
the content (col 2, lines 36-40). 

Bellwood does not specifically disclose a tamper-resistant mechanism for storing 
one or more keys, wherein the one or more keys are known only to the SRP and are 
used for encrypting the static content. 

However, Maruyama discloses a tamper-resistant mechanism for storing one or 
more keys, wherein the one or more keys are known only to the computing device (p4, 
paragraph 51-52 and 54) and are used for encrypting content before storing the content 
(p4, paragraph 55). 
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At the time applicant's invention was made, it would have been obvious to one of 
ordinary skill in the art to modify Bellwood's invention to have a tamper-resistant 
mechanism for storing one or more keys, wherein the one or more keys are known only 
to the SRP and are used for encrypting content before storing the content in a secure 
local cache for further requests for the content. Note a SRP is a computing device. 
One of ordinary skill in the art would have been motivated to incorporate Maruyama's 
teachings thusly because the tamper resistant mechanism would provide greater 
security to Bellwood's proxy/SRP and the information stored within. 

Maruyama also does not disclose that the content stored in the SRP's cache is 
static content. However, Challenger discloses that at the time applicant's invention was 
made, most proxy caches do not store dynamic content, only static content (col 2, lines 
6-7). It would have been obvious to one of ordinary skill in the art to further modify 
Bellwood's invention such that the content encrypted and stored in the secure local 
cache was static content because it would save space in the cache to not store dynamic 
content. Note that cache is relatively small in comparison to other types of memory, so 
space would be a concern to one of ordinary skill in the art. 
Claim 52: 

The limitation of wherein the tamper-resistant mechanism includes a tamper- 
resistant non-volatile card is obvious to Bellwood's modified invention as it is disclosed 
by Maruyama (p4, paragraph 52). 
Claim 53: 
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Bellwood does not explicitly disclose wherein the local cache includes non- 
volatile memory. However, the examiner asserts that this limitation was well known in 
the art of computing at the time applicant's invention was made. It would have been 
obvious to one of ordinary skill in the art to further modify Bellwood's invention such that 
the local cache includes non-volatile memory because the use of non-volatile memory 
would prevent cached data from being lost should a the SRP lose power temporarily. 
Claim 54: 

Bellwood further discloses wherein the SRP appliance is configured for using a 
secure protocol (col 2, lines 4-7). 
Claim 55: 

Bellwood further discloses wherein the SRP appliance is configured for using a 
Secure Socket Layer protocol (col 2, lines 4-7). 
Claim 56: 

Bellwood does not explicitly disclose wherein the SRP appliance is configured for 
using Internet Protocol Secure ("IPSec") techniques. However, the examiner asserts 
that IPSec was a well known and commonly used security protocol at the time 
applicant's invention was made. It would have been obvious to one of ordinary skill in 
the art to further modify Bellwood's invention for using IPSec techniques. One of 
ordinary skill would have been motivated to do so because IPSec was a commonly 
used Internet security protocol at the time applicant's invention was made. 
Claim 57: 
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Bellwood further discloses wherein the SRP appliance is configured for using a 
Transport Layer Security Protocol (col 2, lines 4-7). 
Claim 58: 

Bellwood implicitly discloses wherein the SRP appliance is coupled among at 
least one web server and at least one web browser (col 3, lines 50-57 and col 4, lines 
50-64), wherein the SRP appliance intercepts requests from the at least one web 
browser to establish a secure network communication session with the at least one web 
server (col 2, line 45-col 3, line 8). In the cited passages, Bellwood discloses the client 
and server communicating using Netscape's protocols and HTTP. This implies the use 
of a web browser on the part of the client. 

Claims 59 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Bellwood et al (US 6,584,567) in view of Maruyama et al (US 2002/0015497) and 
further in view of Challenger et al (US 6,216,212) and applicant's admittance of prior art. 
Claim 59: 

Bellwood does not explicitly disclose wherein the static content is a banner or 
navigation button. However, applicant admitted on page 2, lines 9-10 of the specification 
that examples of static content includes banners and navigation buttons. Therefore, by 
definition, banners and navigation buttons are static contents and the limitation is 
obvious to Bellwood's modified invention. 
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Allowable Subject Matter 

Claims 24, 26-36, and 60 would be allowable if rewritten or amended to 
overcome the rejection(s) under 35 U.S.C. 112, 2nd paragraph, set forth in this Office 
action. 

Claims 61-70 are allowed. 

The following is a statement of reasons for the indication of allowable subject 
matter: 
Claim 24: 

The prior art does not teach the combination of limitations of: 

coupling at least one SRP among at least one web browser and at least one web 
server wherein the at least one SRP receives from the at least one web browser 
requests for establishing a first secure session; 

establishing the first secure session using a first secure session protocol 
between the at least one SRP and the at least on: web browser, wherein the at least 
one web browser sends an encrypted request for content to the at least one SRP; 

decrypting the encrypted request for content from the at least one web browser 
at the at least one SRP using the first secure session protocol, wherein the at least one 
SRP determines that the at least one SRP does not possess the requested content; 

establishing a second secure session using a second secure session protocol 
between the at least one SRP and the at least one web server, wherein the second 
secure session is maintained; 

encrypting the request for content from the at least one web browser using the 
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second secure session protocol; 

sending the encrypted request for content to the at least one web server using 
the second secure session; 

receiving the requested content from the at least one web server at the least one 
SRP using the second secure session; 

decrypting the requested content using the second secure session protocol; 

encrypting the requested content using the first secure session protocol for 
sending, using the first secure session, to the at least one web browser from the at least 
one SRP in response to the encrypted request for content from the at least one web 
browser; 

determining at the at least one SRP if the requested content is a static content; 

encrypting the requested content, if the requested content is the static content, 
using a third secure session protocol for storing the encrypted requested content locally 
in a memory at the at least one SRP, wherein the third secure session protocol is 
known only to the at least one SRP; 

decrypting the static-content from the memory at the at least one SRP upon 
subsequent requests for the static content; and 

sending the static content to the at least one web browser. 

Claims 26-36 and 60 are dependent on claim 24, which was indicated above as 
containing allowable subject matter. 

Claim 61: 
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The prior art does not teach the combination of limitations of: 

establishing a first secure session between a client and a proxy server using a 

first secure session protocol; 

encrypting a request for content at the client using the first secure session 

protocol; 

sending the encrypted request for content from the client to the proxy server 
using the first secure session; 

receiving the encrypted request for content at the proxy server using the first 
secure session; 

decrypting the encrypted request for content at the proxy server using the first 
secure session protocol; 

determining that the content is not available at the proxy server; 

establishing a second secure session between the proxy server and a web 
server using a second secure session protocol; 

encrypting the request for content using the second secure session protocol at 
the proxy server; 

sending the encrypted request for content from the proxy server to the web 
server using the second secure session; 

receiving the encrypted request for content at the web server using the second 
secure session; 

decrypting the encrypted request for content at the web server using the second 
secure session protocol; 
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encrypting the content at the web server using the second secure session 
protocol; 

sending the encrypted content from the web server to the proxy server using the 
second secure session; 

receiving the encrypted content at the proxy server using the second secure 
session; 

decrypting the encrypted content at the proxy server using the second secure 
session protocol; 

determining if the content is a static content at the proxy server; 

encrypting the content, if the content is the static content, using a third secure 
session protocol at the proxy server for storing the static content locally in a memory at 
the proxy server, wherein the third secure session protocol is known only to the proxy 
server; 

encrypting the content at the proxy server using the first secure session 
protocol; 

sending the encrypted content from the proxy server to the client using the first 
secure session; 

receiving the encrypted content at the client using the first secure 
session; 

decrypting the encrypted content at the client using the first secure 
session protocol; and 

decrypting the static content at the proxy server using the third secure session 
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protocol when an additional request for the static content is sent from the client to the 
proxy server. 

Claims 62-63 are dependent on claim 61, which was indicated above as containing 
allowable subject matter. 

Claim 64: 

The prior art did not teach the combination of limitations of: 

establishing a first secure session between a client and a proxy server using a 
first secure session protocol; 

sending an encrypted request for content from the client to the proxy server 
using the first secure session; 

receiving the encrypted request for content at the proxy server using the first 
secure session; 

decrypting the encrypted request for content at the proxy server using the first 
secure session protocol; 

determining that a first part of the content is available at the proxy server and a 
second part is not available at the proxy server; 

establishing a second secure session between the proxy server and a web 
server using a second secure session protocol to retrieve the second part of the 
content; 

encrypting a second request for the second part of the content using the second 
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secure session protocol at the proxy server; 

sending the encrypted second request for the second part of the content from 
the proxy server to the web server using the second secure session; 

receiving the encrypted second request for the second part of the content at the 
web server using the second secure session; 

decrypting the encrypted second request for the second part of the content at the 
web server using the second secure session protocol; 

encrypting the second part of the content at the web server using the second 
secure session protocol; 

sending the encrypted second part of the content from the web server to the 
proxy server using the second secure session; 

receiving the encrypted second part of the content at the proxy server using the 
second secure session; 

decrypting the encrypted second part of the content at the proxy server using the 
second secure session protocol', 

determining if the second part of the content is a static content at the proxy 

server; 

encrypting the second part of the content, if the second pad of the content is the 
static content, using a third secure session protocol at the proxy server for storing the 
static content locally in a memory at the proxy server, wherein the third secure session 
protocol is known only to proxy server; 

decrypting the first part of the content at the proxy server using the third session 
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protocol; 

encrypting the first and second pads of the content at the proxy server using the 
first secure session protocol; 

sending the encrypted first and second parts of the content from the proxy server 
to the client using the first secure session; 

receiving the encrypted first and second parts of the content at the client using 
the first secure session; 

decrypting the encrypted second and first parts of the content at the client using 
the first secure session protocol; and 

decrypting the first and second parts of the content at the proxy server using the 
third secure session protocol when an additional request for the first and the seconds 
parts of the content is sent from the client to the proxy server. 

Claims 65-66 are dependent on claim 64, which was indicated above as containing 
allowable subject matter. 

Claim 67: 

The prior art does not teach the combination of limitations of 

establishing a first secure session between a client and a secure reverse proxy 

(SRP), wherein the first secure session prevents intermediate storing of secure static 

content on a reverse proxy; 

receiving a request for content from the client at the SRP, wherein the requested 
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content is uncached at the SRP; 

establishing a second secure session between the SRP and a web server, 
wherein the second secure session prevents intermediate storing of secure static 
content on a reverse proxy; 

in response to the request for content: 

obtaining, by way of the second secure session, secure static content 
from the web server at the SRP; 

caching the secure static content at the SRP. 

sending, by way of the first secure session, the secure static content from 
the SRP to the client. 

Claims 68-70 are dependent on claim 67, which was indicated above as containing 
allowable subject matter. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ponnoreay Pich whose telephone number is 571-272- 
7962. The examiner can normally be reached on 9:00am-4:30pm Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Ponnoreay Pich 
Examiner 
Art Unit 2135 



PP 




